Ascon

Ascon-Based Lightweight Cryptography Primitives for Constrained Devices: Authenticated Encryption, Hash, and Extendable Output Functions

ascon

Ascon Permutation-based Lightweight Cryptography Standards for Constrained Devices: Authenticated Encryption, Hash, and Extendable Output Functions.

Overview

This header-only C++ library implements the whole Ascon LwC cipher suite, i.e., Ascon-AEAD128, Ascon-Hash256, Ascon-XOF128, and Ascon-CXOF128. These algorithms, suitable for constrained environments, are part of the Ascon family designed for resource-limited devices, prioritizing security, performance, and efficiency. The library offers constexpr functions where possible for enhanced performance and simplifies integration. The implementation conforms to the Ascon standard defined in NIST SP 800-232.

The library includes the following core Ascon cryptographic primitives:

  • Ascon-AEAD128: Offers AEAD, encrypting the plaintext and authenticating both the ciphertext and associated data to ensure confidentiality and authenticity.
  • Ascon-Hash256: A cryptographic hash function generating a 256-bit digest for data integrity verification and other cryptographic applications.
  • Ascon-XOF128: An extendable output function (XOF) that produces variable-length outputs, useful in various cryptographic contexts where flexibility in output length is required.
  • Ascon-CXOF128: A customizable XOF variant, offering additional flexibility by allowing for application-specific parameterization through a customization string.

[!NOTE] All these schemes offer an incremental API, meaning data absorption and squeezing can be performed by making multiple consecutive calls to the corresponding function, as long as that phase is not finalized. This is beneficial when working with large input or output that doesn't fit in memory.

This implementation leverages a sponge construction built upon the Ascon permutation. It employs std::span for safe memory handling and provides constexpr functions where feasible for optimized compile-time computations for statically known inputs.
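To make the incremental-API note and the sponge description concrete, here is an added C++ sketch (not this library's code or API) of a sponge following the Ascon-Hash256 layout: IV, 8-byte rate, 12-round permutation. The `offset` field is what lets split `absorb` calls yield the same digest as a single call, and the `finalized` flag refuses calls made after the phase is closed; the names `hash256_sketch`, `permute12` and `hash_in_chunks` are hypothetical.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <string>

// Added illustration, not the library's code; every name below is hypothetical.
using state_t = std::array<uint64_t, 5>;
static uint64_t rotr(uint64_t x, int n) { return (x >> n) | (x << (64 - n)); }
static void permute12(state_t& s) {  // Ascon-p[12], the 12-round permutation
  for (uint64_t c = 0xf0; c >= 0x4b; c -= 0x0f) {  // round constants 0xf0 .. 0x4b
    s[2] ^= c; s[0] ^= s[4]; s[4] ^= s[3]; s[2] ^= s[1];  // constant, S-box input mix
    const state_t t{~s[0] & s[1], ~s[1] & s[2], ~s[2] & s[3], ~s[3] & s[4], ~s[4] & s[0]};
    s[0] ^= t[1]; s[1] ^= t[2]; s[2] ^= t[3]; s[3] ^= t[4]; s[4] ^= t[0];
    s[1] ^= s[0]; s[0] ^= s[4]; s[3] ^= s[2]; s[2] = ~s[2];
    s[0] ^= rotr(s[0], 19) ^ rotr(s[0], 28); s[1] ^= rotr(s[1], 61) ^ rotr(s[1], 39);
    s[2] ^= rotr(s[2], 1) ^ rotr(s[2], 6);   s[3] ^= rotr(s[3], 10) ^ rotr(s[3], 17);
    s[4] ^= rotr(s[4], 7) ^ rotr(s[4], 41);
  }
}

struct hash256_sketch {
  state_t s{0x0000080100cc0002ULL, 0, 0, 0, 0};  // Ascon-Hash256 IV, permuted in ctor
  size_t offset = 0;       // bytes already XORed into the current 8-byte rate block
  bool finalized = false;  // set once padding is applied; later calls are refused
  hash256_sketch() { permute12(s); }
  bool absorb(const std::string& msg) {
    for (size_t i = 0; !finalized && i < msg.size(); i++) {
      s[0] ^= uint64_t(uint8_t(msg[i])) << (8 * offset);  // little-endian into rate word
      if (++offset == 8) { permute12(s); offset = 0; }    // block full: permute
    }
    return !finalized;  // false signals absorb-after-finalize misuse
  }
  bool finalize(std::array<uint8_t, 32>& out) {
    if (finalized) return false;             // a second finalize would pad twice
    finalized = true;
    s[0] ^= uint64_t(0x01) << (8 * offset);  // pad at the current block position
    for (size_t i = 0; i < 32; i++) {        // squeeze four 8-byte blocks
      if (i % 8 == 0) permute12(s);
      out[i] = uint8_t(s[0] >> (8 * (i % 8)));
    }
    return true;
  }
};
std::array<uint8_t, 32> hash_in_chunks(const std::string& msg, size_t chunk) {  // chunk >= 1
  hash256_sketch h;
  std::array<uint8_t, 32> out{};
  for (size_t i = 0; i < msg.size(); i += chunk) h.absorb(msg.substr(i, chunk));
  h.finalize(out);
  return out;
}
```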

Key Features:

  • Header-Only: Simple integration; no linking required.
  • constexpr Support: Compile-time evaluation for optimized performance where applicable.
  • std::span Usage: Type-safe memory management.
  • Thorough Testing: Includes property based tests and known-answer tests (KATs).
  • Benchmarking Support: Prepared for benchmarking with google-benchmark.

Important Considerations:

  • Unaudited: This implementation has not yet undergone formal security audits. Production use requires careful consideration of the risks.
  • Associated Data (AEAD): Associated data in Ascon-AEAD128 is authenticated but not encrypted. Confidentiality is provided only for the plaintext.
  • Implementation Size: While header-only, the actual size will depend on compiler optimizations and included features.

Prerequisites

Testing

This library includes a comprehensive test suite verifying the functional correctness of Ascon-AEAD128, Ascon-Hash256, Ascon-XOF128, and Ascon-CXOF128. Known Answer Tests (KATs) ensure conformance to the specification.

We incorporate KAT vectors from two sources.

  • (a) The repository hosting the official implementation from the Ascon team: https://github.com/ascon/ascon-c.
  • (b) The NIST ACVP server: https://github.com/usnistgov/ACVP-Server. You can sync the latest ACVP KATs by running $ make sync_acvp_kats.

Run all tests using these commands (from the repository root):

make test -j               # Run release build tests
make debug_asan_test -j    # Run debug tests with AddressSanitizer (memory error detection)
make release_asan_test -j  # Run release tests with AddressSanitizer
make debug_ubsan_test -j   # Run debug tests with UndefinedBehaviorSanitizer
make release_ubsan_test -j # Run release tests with UndefinedBehaviorSanitizer

PASSED TESTS (73/73):
       2 ms: build/test/test.out AsconAEAD128.MultipleEncryptPlaintextCalls
       2 ms: build/test/test.out AsconAEAD128.ValidEncryptionSequence
       2 ms: build/test/test.out AsconHash256.AbsorbMessageAfterDigestIsProduced
       2 ms: build/test/test.out AsconCXOF128.MultipleFinalizeCalls
       2 ms: build/test/test.out AsconAEAD128.EncryptPlaintextAfterFinalizeEncrypt
       2 ms: build/test/test.out AsconHash256.MultipleProduceDigestCalls
       2 ms: build/test/test.out AsconAEAD128.MultipleDecryptCiphertextCalls
       2 ms: build/test/test.out AsconAEAD128.EncryptPlaintextBeforeFinalizeData
       2 ms: build/test/test.out AsconAEAD128.FinalizeDataWithoutAbsorb
       2 ms: build/test/test.out AsconHash256.MultipleFinalizeCalls
       2 ms: build/test/test.out AsconXof128.AbsorbMessageAfterFinalize
       2 ms: build/test/test.out AsconCXOF128.CustomizeAfterFinalization
       2 ms: build/test/test.out AsconHash256.CompileTimeComputeMessageDigest
       2 ms: build/test/test.out AsconHash256.MultipleAbsorbCalls
       2 ms: build/test/test.out AsconXof128.SqueezeWithoutFinalize
       2 ms: build/test/test.out AsconAEAD128.FinalizeEncryptBeforeFinalizeData
       2 ms: build/test/test.out AsconXof128.MultipleSqueezeCalls
       2 ms: build/test/test.out AsconXof128.ValidXofSequence
       2 ms: build/test/test.out AsconCXOF128.MultipleCustomizeCalls
       2 ms: build/test/test.out AsconCXOF128.FinalizeWithoutAbsorb
       2 ms: build/test/test.out AsconCXOF128.SqueezeWithoutFinalize
       2 ms: build/test/test.out AsconXof128.FinalizeDuringSqueezing
       2 ms: build/test/test.out AsconXof128.FinalizeWithoutAbsorb
       3 ms: build/test/test.out AsconHash256.ACVPKnownAnswerTests
       3 ms: build/test/test.out AsconAEAD128.MultipleAbsorbDataCalls
       3 ms: build/test/test.out AsconAEAD128.AbsorbDataAfterDecrypt
       3 ms: build/test/test.out AsconCXOF128.MultipleAbsorbCalls
       3 ms: build/test/test.out AsconAEAD128.DecryptCiphertextAfterFinalizeDecrypt
       3 ms: build/test/test.out AsconAEAD128.AbsorbDataAfterEncrypt
       3 ms: build/test/test.out AsconCXOF128.CompileTimeComputeCXOFOutput
       3 ms: build/test/test.out AsconCXOF128.CustomizeDuringSqueezing
       3 ms: build/test/test.out AsconCXOF128.AbsorbMessageAfterFinalization
       3 ms: build/test/test.out AsconCXOF128.FinalizeDuringSqueezing
       3 ms: build/test/test.out AsconCXOF128.AbsorbWithoutCustomize
       3 ms: build/test/test.out AsconAEAD128.ValidDecryptionSequence
       3 ms: build/test/test.out AsconAEAD128.FinalizeDataCalledTwice
       3 ms: build/test/test.out AsconCXOF128.CustomizeDuringAbsorption
       3 ms: build/test/test.out AsconCXOF128.AbsorbMessageDuringSqueezing
       3 ms: build/test/test.out AsconXof128.CompileTimeComputeXofOutput
       3 ms: build/test/test.out AsconHash256.DigestWithoutFinalize
       3 ms: build/test/test.out AsconHash256.AbsorbMessageAfterFinalize
       3 ms: build/test/test.out AsconXof128.MultipleAbsorbCalls
       4 ms: build/test/test.out AsconAEAD128.FinalizeEncryptCalledTwice
       4 ms: build/test/test.out AsconAEAD128.AbsorbDataAfterFinalizeData
       4 ms: build/test/test.out AsconAEAD128.FinalizeDecryptBeforeFinalizeData
       4 ms: build/test/test.out AsconAEAD128.ACVPKnownAnswerTests
       4 ms: build/test/test.out AsconAEAD128.CompileTimeEncryptAndThenDecrypt
       4 ms: build/test/test.out AsconHash256.FinalizeAfterDigestIsProduced
       4 ms: build/test/test.out AsconXof128.AbsorbMessageDuringSqueezing
       4 ms: build/test/test.out AsconCXOF128.ACVPKnownAnswerTests
       5 ms: build/test/test.out AsconAEAD128.FinalizeDecryptCalledTwice
       5 ms: build/test/test.out AsconCXOF128.MultipleSqueezeCalls
       5 ms: build/test/test.out AsconXof128.MultipleFinalizeCalls
       5 ms: build/test/test.out AsconCXOF128.ValidCXOFSequence
       5 ms: build/test/test.out AsconHash256.FinalizeWithoutAbsorption
       6 ms: build/test/test.out AsconCXOF128.KnownAnswerTests
       6 ms: build/test/test.out AsconXof128.ACVPKnownAnswerTests
       6 ms: build/test/test.out AsconAEAD128.KnownAnswerTests
       6 ms: build/test/test.out AsconAEAD128.DecryptCiphertextBeforeFinalizeData
       8 ms: build/test/test.out AsconHash256.ValidHashingSequence
      11 ms: build/test/test.out AsconHash256.KnownAnswerTests
      11 ms: build/test/test.out AsconHash256.ForSameMessageOneshotHashingAndIncrementalHashingProducesSameDigest
      13 ms: build/test/test.out AsconXof128.KnownAnswerTests
     529 ms: build/test/test.out AsconAEAD128.DecryptionFailureDueToBitFlippingInCipherText
     535 ms: build/test/test.out AsconAEAD128.DecryptionFailureDueToBitFlippingInKey
     537 ms: build/test/test.out AsconAEAD128.DecryptionFailureDueToBitFlippingInTag
     540 ms: build/test/test.out AsconAEAD128.ForSamePlaintextOneshotEncryptionAndIncrementalEncryptionProducesSameTag
     541 ms: build/test/test.out AsconAEAD128.DecryptionFailureDueToBitFlippingInNonce
     545 ms: build/test/test.out AsconAEAD128.DecryptionFailureDueToBitFlippingInAssociatedData
     550 ms: build/test/test.out AsconAEAD128.EncryptThenDecrypt
     556 ms: build/test/test.out AsconAEAD128.ForSameCiphertextOneshotDecryptionAndIncrementalDecryptionProducesSamePlaintext
     977 ms: build/test/test.out AsconXof128.ForSameMessageOneshotHashingAndIncrementalHashingProducesSameOutput
    6222 ms: build/test/test.out AsconCXOF128.ForSameMessageOneshotHashingAndIncrementalHashingProducesSameOutput

[!NOTE] There is a help menu, which introduces you to all available commands; j
